Security Basics mailing list archives

Re: Logging


From: infolookup () gmail com
Date: Sat, 19 Jan 2008 19:55:58 +0000

Has anyone used Snare for Linux? I saw it on SourceForge. If so, how does it compare to Splunk?

-----Original Message-----
From: Albert Gonzalez <albertg () cerveau us>

Date: Fri, 18 Jan 2008 17:57:09 
To: Lee Hilt <lhilt () mbc edu>, "'Krzyston, Randy'" <RandyK () gen-probe com>, <security-basics () securityfocus com>
Cc: <listbounce () securityfocus com>
Subject: RE: Logging


Although the interface could use some love, the reports I can generate via LogLogic keep the various mgrs happy. Plenty
of canned reports and of course custom. I've even used it for notifications where applications' logging capabilities
lacked. The ability to have log management is invaluable, now if only someone was looking at it :)

HTH,
Albert  

-----Original Message-----
From: Lee Hilt <lhilt () mbc edu>
Sent: Friday, January 18, 2008 1:18 PM
To: 'Krzyston, Randy' <RandyK () gen-probe com>; security-basics () securityfocus com
Cc: listbounce () securityfocus com
Subject: RE: Logging

If you are simply looking for a storage solution (logs in, emails on
threshold of error rates, etc.), Kiwi would be the way to go.

If you are looking for a more granular look, along with searchable questions
like "Show me accounts with a high incidence of password failures" and other
questions, your solution might best be serviced by

http://manageengine.adventnet.com/products/eventlog/index.html

Pricing is kinda high, but it is a pretty good product.
 

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of Krzyston, Randy
Sent: 2008-01-18 1:19
To: security-basics () securityfocus com
Cc: listbounce () securityfocus com
Subject: Logging

We are looking to implement a syslog server.  It needs to not only be
capable of storing logs, but also detailed reporting for things such as SOX
